-
Notifications
You must be signed in to change notification settings - Fork 385
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Keep track of the currently-open elements while walking over DOM and use depth-first post-order traversal to improve processing #3243
Conversation
…keep-attributes-with-mustache-placeholders-intact * 'develop' of github.com:ampproject/amp-wp: (113 commits) This converts the keyboard cut handler to equal a copy handler to avoid bugs Fix aria-label adding helper function Remove extra line I added in resolving merge conflict Fix alignment of arrow Fix custom CTA text for page attachment Fix cut handler by shortcut Cleanup of duplicated comment Add unit testing to `addVideoAriaLabel` Remove unused piece of code Remove Cloudflare AMP cache since deprecated Handle cut keyboard requests. (#3231) Page Attachment block (#3035) Keyboard & Right-Click Menu Copy + Paste (#3083) Animation Previews (#3104) Make internal methods inaccessible Omit the ecosystem link also when using a core theme Add skipped e2e test for the video block Add array_colum() pollyfill for PHP < 5.5 Add asserts to make sure we are not enqueueing both versions of dashicons Remove useless variable ...
… through DOM tree * Instead of stack array with contexts, recursively walk through DOM tree and keep track of the number of open ancestor elements. * Use open ancestor template elements to determine whether to skip validating attribute values. * Use open ancestor elements as a shortcut for the logic in AMP_Tag_And_Attribute_Sanitizer::get_ancestor_with_matching_spec_name(). * Add DOMElement and array types for arguments to AMP_Tag_And_Attribute_Sanitizer methods. * Remove obsolete checks for arguments being DOMElement. * Eliminate unnecessary AMP_Tag_And_Attribute_Sanitizer::delegated_sanitize_disallowed_attribute_values_in_node(). * Use data provider for test_replace_node_with_children_validation_errors.
…_node reported Fix gathering of required component scripts with move to DFS+LRN. Now that the children are visited before the parents, the required component scripts must by passed up from visiting the children and only passed along if the parent does not then get removed.
All (the pull request submitter and all commit authors) CLAs are signed, but one or more commits were authored or co-authored by someone other than the pull request submitter. We need to confirm that all authors are ok with their commits being contributed to this project. Please have them confirm that by leaving a comment that contains only Note to project maintainer: There may be cases where the author cannot leave a comment, or the comment is not properly detected as consent. In those cases, you can manually confirm consent of the commit author(s), and set the ℹ️ Googlers: Go here for more info. |
There is currently an unrelated fatal error happening when run PHPUnit tests against WordPress
Also reported in Gutenberg: WordPress/gutenberg#17444. The issue is resolved if I check out the current |
In regards to the the CLA complaint, it seems like a bug with the bot because all of the commits from @schlessera were OK in the other PR: #3206. So I'm happy to forcibly flip the bit to |
@googlebot I consent. |
CLAs look good, thanks! ℹ️ Googlers: Go here for more info. |
Regarding the |
Regarding the general approach of using |
@schlessera And here I was hoping you would be so proud of me 😄 But that makes perfect sense. Excellent point. |
We can actually rely on that currently because we will know the moment that non-Mustache templates are allowed because the change will correspond with spec updates. So we'll see it when performing a spec update, and we can make the required changes at that time (if ever). |
@schlessera Interesting point. The tag-and-attribute sanitizer was introduced a long time ago (before my time) in #600, specifically in delputnam@e7e51f0. So I don't know if this was in mind when opting for a non-recursive solution. I kinda think that it may not have been on the radar, since the sanitizer was not yet concerned with validating constraints based on the location of a node in a hierarchy. The concern here would be if an HTML page has a DOM tree with extreme nesting of elements. In HTML4 it appears the max nesting depth was 100 elements: https://bugzilla.mozilla.org/show_bug.cgi?id=256180#c36 This limit was lifted in HTML5, but it seems unusual to have documents with such deeply-nested elements (though I know they do exist). I can't seem to find any data on the frequency. Perhaps this should be merged and then we can look at refactoring recursion to re-introduce iteration with a stack? |
I'm okay with merging this and reconsidering for v2 (or until we hit bug reports). |
@schlessera I just tested and it appears that libxml has a maximum nesting depth of 256.
So as long as PHP doesn't complain about recursing 256+ times, then this shouldn't be a problem faced by a recursive |
PHP should be fine about that, but the default recursion limit if Xdebug is active is 100 (it can be raised, though). |
This seems to have broken code coverage collection on Travis CI, see #3337. |
This PR builds upon #3206 to simplify the logic for the
AMP_Tag_And_Attribute_Sanitizer
. Instead of introducing a new context construct which is added to the stack/queue, this PR replaces the contexts with a true recursive walking over the DOM tree, and keeping track of the current number of open elements by type at any given point. The number of open elements of given names can then be used not only to determine the context for whether or not attribute validation is currently happening inside of atemplate
, but also it can be used to speed up checks for whether a given element has a particular ancestor.AMP_Tag_And_Attribute_Sanitizer::get_ancestor_with_matching_spec_name()
.AMP_Tag_And_Attribute_Sanitizer
methods.DOMElement
.AMP_Tag_And_Attribute_Sanitizer::delegated_sanitize_disallowed_attribute_values_in_node()
.test_replace_node_with_children_validation_errors
.Fixes #3137. Closes #3206. Fixes #1493.